Lab 2.5.1: Basic PPP Configuration Lab
Stáhněte si úlohu
4e_02_5_1_ppp.pdf
z
http://skola.bernkopf.cz
Odkaz Předměty – Cisco – Materiály – Úlohy
Vypracujte podle připojených pokynů.
Navíc do každého směrovače (router) a přepínače (switch) vložte hlášku, která se vypíše při každém
přihlášení.
Použijte příkaz banner login, hláška bude Vaše příjmení bez diakritiky, tj. například Pechacek místo
Pecháček.
Výsledný soubor pojmenujte „4e_02_5_1_ppp_Prijmeni.pkt“, kde Prijmeni je Vaše příjmení bez diakritiky.
Soubor zašlete e-mailem do půlnoci neděle 23. února na adresu jaroslav@bernkopf.cz .
Topology Diagram
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
Addressing Table
Interface
IP Address
Subnet Mask
Default
Gateway
Fa0/1
192.168.10.1
255.255.255.0
N/A
S0/0/0
10.1.1.1
255.255.255.252
N/A
Lo0
209.165.200.225
255.255.255.224
N/A
S0/0/0
10.1.1.2
255.255.255.252
N/A
S0/0/1
10.2.2.1
255.255.255.252
N/A
Fa0/1
192.168.30.1
255.255.255.0
N/A
S0/0/1
10.2.2.2
255.255.255.252
N/A
PC1
NIC
192.168.10.10
255.255.255.0
192.168.10.1
PC3
NIC
192.168.30.10
255.255.255.0
192.168.30.1
Device
R1
R2
R3
Objectives

Basic configuration tasks on a router.

Configure and activate interfaces.

Configure OSPF routing.

Configure PPP encapsulation.

Learn how to change the encapsulation on the serial interfaces from PPP to HDLC.

Intentionally break and restore PPP encapsulation.

Configure PPP PAP and CHAP authentication.

Intentionally break and restore PPP PAP and CHAP authentication.
Task 1: Prepare the Network
Step 1: Cable the network.
You can use any router as long as it has the required interfaces. Tady nám neřekli, s čím to dělali oni. Vyberte takový
router, který bude mít stejné označení sériových rozhraní, např. 0/0/0.
Step 2: Clear any existing configurations on the routers.
Task 2: Perform Basic Router Configuration
Configure the R1, R2, and R3 routers according to the following guidelines:

Configure the router hostname.

Disable DNS lookup.

Configure an EXEC mode password.

Configure a password for console connections.

Configure synchronous logging.

Configure a password for vty connections.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
Task 3: Configure and Activate Serial and Ethernet Addresses
Step 1: Configure interfaces on R1, R2, and R3.
Configure the interfaces on the routers with the given IP addresses. Include the clock rate on the serial DCE interfaces.
Step 2: Verify IP addressing and interfaces.
Use the show ip interface brief command to verify that the IP addressing is correct and that the interfaces are active.
Save the running configuration to the NVRAM.
Step 3: Configure the Ethernet interfaces of PC1 and PC3.
Configure the Ethernet interfaces of PC1 and PC3 with the given IP addresses and default gateways.
Step 4: Test the configuration by pinging the default gateway from the PC.
Task 4: Configure OSPF on the Routers
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 4 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
Step 1: Enable OSPF routing on R1, R2, and R3.
Use the router ospf command with a process ID of 1. Be sure to advertise the networks.
R1(config)#router ospf 1
R1(config-router)#network 192.168.10.0 0.0.0.255 area 0
R1(config-router)#network 10.1.1.0 0.0.0.3 area 0
R2(config)#router ospf 1
R2(config-router)#network 10.1.1.0 0.0.0.3 area 0
R2(config-router)#network 10.2.2.0 0.0.0.3 area 0
R2(config-router)#network 209.165.200.224 0.0.0.31 area 0
R3(config)#router ospf 1
R3(config-router)#network 10.2.2.0 0.0.0.3 area 0
R3(config-router)#network 192.168.30.0 0.0.0.255 area 0
Step 2: Verify that you have full network connectivity.
Use the show ip route and ping commands to verify connectivity.
Task 5: Configure PPP Encapsulation on Serial Interfaces
Step 1: Use the show interface command to check whether HDLC is the default serial encapsulation.
R1#show interface serial0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 10.1.1.1/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
... a stejně na rozhraních R2, R3.
Step 2: Vynecháno
Step 3: Change the encapsulation of the serial interfaces mezi R1 a R2 from HDLC to PPP.
Hlavní rozdíly mezi HDLC a PPP
PPP má ověřování totožnosti (authentication), HDLC ne.
PPP není Cisco proprietary => funguje i na neCisco zařízeních.
Change the encapsulation type on the link between R1 and R2, and observe the effects.
R1(config)#interface serial 0/0/0
R1(config-if)#encapsulation ppp
R2(config)#interface serial 0/0/0
R2(config-if)#encapsulation ppp
What happens when one end of the serial link is encapsulated with PPP and the other end of the link is
encapsulated with HDLC? Může to fungovat s HDLC na jedné straně, PPP na druhé?
_____________________________________________________________________
_____________________________________________________________________
_____________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 5 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
What happens when PPP encapsulation is configured on each end of the serial link? Co se stane, když dáme
PPP na oba konce?
_____________________________________________________________________
_____________________________________________________________________
Step 4: Vynecháno
Step 5: Change the encapsulation from HDLC to PPP on both ends of the serial link between R2 and R3.
When does the line protocol on the serial link come up and the OSPF adjacency is restored? Kdy linkový
protokol ožije a sousedské vztahy protokolu OSPF se obnoví?
_____________________________________________________________________
_____________________________________________________________________
Step 6: Verify that PPP is now the encapsulation on the serial interfaces.
R1#show interface serial0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 10.1.1.1/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: CDPCP, IPCP, loopback not set
... stejně na ostatních rozhraních ostatních směrovačů.
Task 6: Break and Restore PPP Encapsulation
By intentionally breaking PPP encapsulation, you will learn about the error messages that are generated.
Když si zkusíme, co to udělá, když to máme schválně špatně nastavené, nebudeme překvapeni, až to budeme mít
špatně neschválně.
Step 1: Return both serial interfaces on R2 to their default HDLC encapsulation.
R2(config)#interface serial 0/0/0
R2(config-if)#encapsulation hdlc
Why is it useful to intentionally break a configuration? Proč je užitečné schválně si to zkusit?
_____________________________________________________________________
_____________________________________________________________________
_____________________________________________________________________
Why do both serial interfaces go down, come back up, and then go back down?
Proč jdou sériová rozhraní dolů, znovu nahoru, a nakonec definitivně dolů?
_____________________________________________________________________
_____________________________________________________________________
_____________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 6 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
Can you think of another way to change the encapsulation of a serial interface from PPP to the default HDLC
encapsulation other than using the encapsulation hdlc command? (Hint: It has to do with the no command.)
Jak jinak by se dalo přejít z PPP na HDLC? (Bude tam nějaký no příkaz)
_____________________________________________________________________
_____________________________________________________________________
_____________________________________________________________________
Protože HDLC je na zařízeních Cisco default, stačí jen zrušit PPP.
Step 2: Return both serial interfaces on R2 to PPP encapsulation.
R2(config)#interface s0/0/0
R2(config-if)#encapsulation ppp
R2(config-if)#interface s0/0/1
R2(config-if)#encapsulation ppp
Task 7: Configure PPP Authentication
Step 1: Configure PPP PAP authentication on the serial link between R1 and R2.
R1(config)#username R1 password cisco ;mluv jen s tím, kdo ti pošle tuto kombinaci
R1(config)#int s0/0/0
R1(config-if)#ppp authentication pap
R1(config-if)#ppp pap sent-username R2 password cisco ; a ty na druhou stranu posílej
zase tuto kombinaci
What happens when PPP PAP authentication is only configured on one end of the serial link? Co když
ověřování nastavíme jen na jedné straně?
_____________________________________________________________________
_____________________________________________________________________
R2(config)#username R2 password cisco
R2(config)#interface Serial0/0/0
R2(config-if)#ppp authentication pap
R2(config-if)#ppp pap sent-username R1 password cisco
What happens when PPP PAP authentication is configured on both ends of the serial link? A co když to
nastavíme správně na obou stranách?
_____________________________________________________________________
_____________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 7 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
Step 2: Configure PPP CHAP authentication on the serial link between R2 and R3.
In PAP authentication, the password is not encrypted. While this is certainly better than no authentication at all, it is still
highly preferable to encrypt the password that is being sent across the link. CHAP encrypts the password. Na rozdíl od
PAP (výše), ověřování CHAP šifruje heslo a proto je bezpečnější.
R2(config)#username R3 password cisco
R2(config)#int s0/0/1
R2(config-if)#ppp authentication chap
R2(config-if)#
R3(config)#username R2 password cisco
*Aug 23 18:07:13.074: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1,
changed state to up
R3(config)#int s0/0/1
R3(config-if)#
*Aug 23 18:07:22.174: %OSPF-5-ADJCHG: Process 1, Nbr 209.165.200.225 on Serial0/0/1
from LOADING to FULL, Loading Done
R3(config-if)#ppp authentication chap
R3(config-if)#
Notice that the line protocol on interface serial 0/0/1 changes state to UP even before the interface is
configured for CHAP authentication. Can you guess why this is the case? Linkový protokol na serial 0/0/1 jde
nahoru ještě předtím, než je to rozhraní konfigurováno pro CHAP. Proč?
_____________________________________________________________________
_____________________________________________________________________
_____________________________________________________________________
Step 3: Vynecháno
Task 8: Intentionally Break and Restore PPP CHAP Authentication
Step 1: Break PPP CHAP authentication.
On the serial link between R2 and R3, change the authentication protocol on interface serial 0/0/1 to PAP.
R2(config)#int s0/0/1
R2(config-if)#ppp authentication pap
R2(config-if)#^Z
R2#
R2#copy run start
R2#reload
Does changing the authentication protocol to PAP on interface serial 0/0/1 break authentication between R2
and R3?
_____________________________________________________________________
_____________________________________________________________________
_____________________________________________________________________
Kdybychom nerestartovali, linkový protokol by zůstal up. Proč?
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 8 of 9
CCNA Exploration
Accessing the WAN: PPP
Lab 2.5.1: Basic PPP Configuration Lab
Step 2: Restore PPP CHAP authentication on the serial link.
Notice that it is not necessary to reload the router for this change to take effect.
R2(config)#int s0/0/1
R2(config-if)#ppp authentication chap
Step 3: Intentionally Break PPP CHAP authentication by changing the password on R3.
R3(config)#username R2 password cisco
R3(config)#^Z
R3#
R3#copy run start
R3#reload
After reloading, what is the status of the line protocol on serial 0/0/1?
_____________________________________________________________________
_____________________________________________________________________
Step 4: Restore PPP CHAP authentication by changing the password on R3.
R3(config)#username R2 password cisco
R3(config)#
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 9 of 9